From b8834b9b8249f14fa4a75a9782a504edbec1134b Mon Sep 17 00:00:00 2001
From: Robert von Burg
Date: Thu, 8 Sep 2016 20:06:38 +0200
Subject: [PATCH] [Major] Refactored to not use JAXB in PrivilegeUsersService
---
 .../li/strolch/privilege/model/UserRep.java | 17 --
 li.strolch.rest/pom.xml | 14 +-
 .../model/query/parser/QueryParser.java | 30 +-
 .../rest/endpoint/AuthenticationService.java | 121 +++++---
 .../rest/endpoint/PrivilegeUsersService.java | 123 ++++++--
 .../java/li/strolch/rest/model/Login.java | 68 -----
 .../li/strolch/rest/model/LoginResult.java | 287 ------------------
 .../java/li/strolch/rest/model/Logout.java | 69 -----
 .../li/strolch/rest/model/LogoutResult.java | 87 ------
 .../model/query/parser/QueryParserTest.java | 34 ++-
 .../inspector/test/AbstractRestfulTest.java | 72 +++--
 .../inspector/test/AuthenticationTest.java | 108 +++----
 12 files changed, 310 insertions(+), 720 deletions(-)
 delete mode 100644 li.strolch.rest/src/main/java/li/strolch/rest/model/Login.java
 delete mode 100644 li.strolch.rest/src/main/java/li/strolch/rest/model/LoginResult.java
 delete mode 100644 li.strolch.rest/src/main/java/li/strolch/rest/model/Logout.java
 delete mode 100644 li.strolch.rest/src/main/java/li/strolch/rest/model/LogoutResult.java
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/model/UserRep.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/model/UserRep.java
index 2fb0334f8..4990442f6 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/model/UserRep.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/model/UserRep.java
@@ -24,12 +24,6 @@ import java.util.Locale; import java.util.Map; import java.util.Set; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlAttribute; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlRootElement; - import li.strolch.privilege.base.PrivilegeException; import li.strolch.privilege.model.internal.Role; import li.strolch.privilege.model.internal.User; @@ -43,34 +37,24 @@ import li.strolch.utils.xml.XmlKeyValue; * * @author Robert von Burg */ -@XmlRootElement(name = "User") -@XmlAccessorType(XmlAccessType.NONE) public class UserRep implements Serializable { private static final long serialVersionUID = 1L; - @XmlAttribute(name = "userId") private String userId; - @XmlAttribute(name = "username") private String username; - @XmlAttribute(name = "firstname") private String firstname; - @XmlAttribute(name = "lastname") private String lastname; - @XmlAttribute(name = "userState") private UserState userState; - @XmlAttribute(name = "locale") private Locale locale; - @XmlElement(name = "roles") private Set roles; - @XmlElement(name = "properties") private List properties; /** @@ -319,7 +303,6 @@ public class UserRep implements Serializable { * * @return the string map properties of this user as a list of {@link XmlKeyValue} elements */ - @XmlElement(name = "properties") public List getProperties() { return this.properties == null ? new ArrayList<>() : this.properties; } diff --git a/li.strolch.rest/pom.xml b/li.strolch.rest/pom.xml index fa76c0e5f..6b0709e49 100644 --- a/li.strolch.rest/pom.xml +++ b/li.strolch.rest/pom.xml @@ -1,6 +1,5 @@ - + 4.0.0 @@ -87,17 +86,6 @@ jersey-container-grizzly2-servlet test - - org.glassfish.jersey.containers - jersey-container-grizzly2-http - test - - - org.glassfish.jersey.test-framework.providers - jersey-test-framework-provider-bundle - pom - test - 
diff --git a/li.strolch.rest/src/main/java/li/strolch/model/query/parser/QueryParser.java b/li.strolch.rest/src/main/java/li/strolch/model/query/parser/QueryParser.java index 01bbee2eb..bb1318b17 100644 --- a/li.strolch.rest/src/main/java/li/strolch/model/query/parser/QueryParser.java +++ b/li.strolch.rest/src/main/java/li/strolch/model/query/parser/QueryParser.java @@ -37,15 +37,9 @@ public abstract class QueryParser extends CompositeParser { private OrSelection or; private IdSelection idSelection; - private boolean allowType; public QueryParser(StrolchElementQuery query) { - this(query, false); - } - - public QueryParser(StrolchElementQuery query, boolean allowType) { this.query = query; - this.allowType = allowType; } protected OrSelection or() { @@ -66,6 +60,8 @@ public abstract class QueryParser extends CompositeParser { public abstract boolean withPrefix(); + public abstract boolean allowType(); + protected void defs() { // [id:] [name:] [type:] [param::] [value] @@ -75,8 +71,7 @@ public abstract class QueryParser extends CompositeParser { if (withPrefix()) { def("id", key("id")); def("name", key("name")); - if (this.allowType) - def("type", key("type")); + def("type", key("type")); for (String bagId : getBagParamSet().keySet()) { Set set = getBagParamSet().getSet(bagId); @@ -97,7 +92,7 @@ public abstract class QueryParser extends CompositeParser { else parsers = parsers.or(ref("id")).or(ref("name")); - if (this.allowType) + if (allowType()) parsers = parsers.or(ref("type")); } else { @@ -139,7 +134,7 @@ public abstract class QueryParser extends CompositeParser { return null; }); - if (this.allowType) { + if (allowType()) { action("type", (String s) -> { String trimmed = s.trim(); if (!trimmed.isEmpty()) 
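Review bot: In `defs()` the `type` production is now registered unconditionally (`def("type", key("type"));`), while the `ref("type")` alternative and the `action("type", …)` handler in the later hunks stay guarded by `allowType()`, so a subclass that returns `false` ends up with a defined but unreferenced production. If the guard was dropped on purpose, a one-line comment saying why would help; otherwise `if (allowType()) def("type", key("type"));` keeps the three places consistent. The new abstract `allowType()` also has no Javadoc, and adding an abstract method breaks any subclass outside this file; something like `/** Whether the query string may select by element type via the {@code type:} prefix. */` would document the contract. The class body continues outside these hunks.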
@@ -214,6 +209,11 @@ public abstract class QueryParser extends CompositeParser { public boolean withPrefix() { return withPrefix; } + + @Override + public boolean allowType() { + return true; + } }; Result result = parser.parse(queryString); ResourceQuery query = result.get(); @@ -242,6 +242,11 @@ public abstract class QueryParser extends CompositeParser { public boolean withPrefix() { return withPrefix; } + + @Override + public boolean allowType() { + return true; + } }; Result result = parser.parse(queryString); OrderQuery query = result.get(); @@ -271,6 +276,11 @@ public abstract class QueryParser extends CompositeParser { public boolean withPrefix() { return withPrefix; } + + @Override + public boolean allowType() { + return true; + } }; Result result = parser.parse(queryString); ActivityQuery query = result.get(); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java index bc48fb116..d0d771bd7 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java @@ -16,8 +16,7 @@ package li.strolch.rest.endpoint; import java.text.MessageFormat; -import java.util.ArrayList; -import java.util.List; +import java.util.Base64; import java.util.Set; import java.util.concurrent.TimeUnit; @@ -41,8 +40,11 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.gson.Gson; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; import com.google.gson.JsonObject; import com.google.gson.JsonParser; +import com.google.gson.JsonPrimitive; import li.strolch.exception.StrolchException; import li.strolch.privilege.base.AccessDeniedException; 
@@ -55,12 +57,8 @@ import li.strolch.privilege.model.Usage; import li.strolch.rest.RestfulStrolchComponent; import li.strolch.rest.StrolchRestfulConstants; import li.strolch.rest.StrolchSessionHandler; -import li.strolch.rest.model.Login; -import li.strolch.rest.model.LoginResult; -import li.strolch.rest.model.LogoutResult; import li.strolch.rest.model.Result; import li.strolch.runtime.privilege.PrivilegeHandler; -import li.strolch.utils.helper.StringHelper; /** * @author Robert von Burg 
@@ -73,52 +71,90 @@ public class AuthenticationService { @POST @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public Response authenticate(Login login, @Context HttpServletRequest request, @Context HttpHeaders headers) { + public Response authenticate(@Context HttpServletRequest request, @Context HttpHeaders headers, String data) { - LoginResult loginResult = new LoginResult(); + JsonObject login = new JsonParser().parse(data).getAsJsonObject(); + JsonObject loginResult = new JsonObject(); try { StringBuilder sb = new StringBuilder(); - if (StringHelper.isEmpty(login.getUsername()) || login.getUsername().length() < 2) { + JsonElement usernameE = login.get("username"); + if (usernameE == null || usernameE.getAsString().length() < 2) { sb.append("Username was not given or is too short!"); //$NON-NLS-1$ } - if (login.getPassword() == null || login.getPassword().length < 3) { + + JsonElement passwordE = login.get("password"); + if (passwordE == null) { if (sb.length() > 0) sb.append("\n"); - sb.append("Password was not given or was too short!"); //$NON-NLS-1$ + sb.append("Password was not given!"); //$NON-NLS-1$ + } + + byte[] password = passwordE == null ? 
new byte[] {} : Base64.getDecoder().decode(passwordE.getAsString()); + if (password.length < 3) { + if (sb.length() > 0) + sb.append("\n"); + sb.append("Password not given or too short!"); //$NON-NLS-1$ } if (sb.length() != 0) { - loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", sb.toString())); //$NON-NLS-1$ + loginResult.addProperty("msg", MessageFormat.format("Could not log in due to: {0}", sb.toString())); //$NON-NLS-1$ return Response.status(Status.BAD_REQUEST).entity(loginResult).build(); } StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler(); - Certificate certificate = sessionHandler.authenticate(login.getUsername(), login.getPassword()); + Certificate certificate = sessionHandler.authenticate(usernameE.getAsString(), password); PrivilegeHandler privilegeHandler = RestfulStrolchComponent.getInstance().getContainer() .getPrivilegeHandler(); PrivilegeContext privilegeContext = privilegeHandler.getPrivilegeContext(certificate); - loginResult.setSessionId(certificate.getSessionId()); - loginResult.setAuthToken(certificate.getAuthToken()); - loginResult.setUsername(certificate.getUsername()); - loginResult.setFirstname(certificate.getFirstname()); - loginResult.setLastname(certificate.getLastname()); - loginResult.setLocale(certificate.getLocale()); - loginResult.setParameters(certificate.getPropertyMap()); - loginResult.setRoles(new ArrayList<>(certificate.getUserRoles())); + loginResult.addProperty("sessionId", certificate.getSessionId()); + loginResult.addProperty("authToken", certificate.getAuthToken()); + loginResult.addProperty("username", certificate.getUsername()); + loginResult.addProperty("firstname", certificate.getFirstname()); + loginResult.addProperty("lastname", certificate.getLastname()); + loginResult.addProperty("locale", certificate.getLocale().toString()); - List privileges = new ArrayList<>(); - for (String name : privilegeContext.getPrivilegeNames()) { - IPrivilege privilege 
= privilegeContext.getPrivilege(name); - Set allowSet = privilege.getAllowList(); - ArrayList allowList = null; - if (!allowSet.isEmpty()) - allowList = new ArrayList<>(allowSet); - privileges.add(new LoginResult.Privilege(name, privilege.isAllAllowed(), allowList)); + if (!certificate.getPropertyMap().isEmpty()) { + JsonObject propObj = new JsonObject(); + loginResult.add("properties", propObj); + for (String propKey : certificate.getPropertyMap().keySet()) { + propObj.addProperty(propKey, certificate.getPropertyMap().get(propKey)); + } + } + + if (!certificate.getUserRoles().isEmpty()) { + JsonArray rolesArr = new JsonArray(); + loginResult.add("roles", rolesArr); + for (String role : certificate.getUserRoles()) { + rolesArr.add(new JsonPrimitive(role)); + } + } + + if (!privilegeContext.getPrivilegeNames().isEmpty()) { + JsonArray privArr = new JsonArray(); + loginResult.add("privileges", privArr); + + for (String name : privilegeContext.getPrivilegeNames()) { + IPrivilege privilege = privilegeContext.getPrivilege(name); + + JsonObject privObj = new JsonObject(); + privArr.add(privObj); + + privObj.addProperty("name", name); + privObj.addProperty("allAllowed", privilege.isAllAllowed()); + + Set allowSet = privilege.getAllowList(); + if (!allowSet.isEmpty()) { + JsonArray allowArr = new JsonArray(); + privObj.add("allowList", allowArr); + for (String allow : allowSet) { + allowArr.add(new JsonPrimitive(allow)); + } + } + } } - loginResult.setPrivileges(privileges); boolean secureCookie = RestfulStrolchComponent.getInstance().isSecureCookie(); if (secureCookie && !request.getScheme().equals("https")) { 
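Review bot: The request body is parsed before the `try` (`new JsonParser().parse(data).getAsJsonObject()`), so an empty or malformed body on this unauthenticated endpoint throws outside every handler instead of producing the 400 that the validation below intends. Inside the `try`, `Base64.getDecoder().decode(...)` throws `IllegalArgumentException` for a password that is not valid Base64 and `getAsString()` throws for a non-primitive member; both land in the generic `catch (Exception e)` of the next hunk and come back as a 500 that names the exception class. I would parse and decode in a small guarded block that maps any failure to `Status.BAD_REQUEST` with a fixed message, and only then enter the existing `try`, as sketched below. The decoded `password` array could also be cleared with `Arrays.fill(password, (byte) 0)` once `authenticate` has returned, provided the session handler does not keep a reference to it, which is not visible here. The method's catch blocks lie outside this hunk.

```java
	public Response authenticate(@Context HttpServletRequest request, @Context HttpHeaders headers, String data) {

		JsonObject loginResult = new JsonObject();

		String username = null;
		byte[] password = new byte[] {};
		try {
			JsonObject login = new JsonParser().parse(data).getAsJsonObject();
			JsonElement usernameE = login.get("username");
			if (usernameE != null && usernameE.isJsonPrimitive())
				username = usernameE.getAsString();
			JsonElement passwordE = login.get("password");
			if (passwordE != null && passwordE.isJsonPrimitive())
				password = Base64.getDecoder().decode(passwordE.getAsString());
		} catch (RuntimeException e) {
			// malformed JSON, a body that is not an object, or invalid Base64: client error
			loginResult.addProperty("msg", "Could not log in due to: Malformed request body!"); //$NON-NLS-1$
			return Response.status(Status.BAD_REQUEST).entity(loginResult.toString()).build();
		}

		try {

			StringBuilder sb = new StringBuilder();
			if (username == null || username.length() < 2) {
				sb.append("Username was not given or is too short!"); //$NON-NLS-1$
			}
			// … unchanged: password.length < 3 check; the separate "Password was not given!" branch folds into it …
			// … unchanged: BAD_REQUEST return when sb is not empty …

			Certificate certificate = sessionHandler.authenticate(username, password);
			// … unchanged: building loginResult from the certificate and privilege context …
```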
@@ -128,25 +164,25 @@ public class AuthenticationService { NewCookie cookie = new NewCookie(StrolchRestfulConstants.STROLCH_AUTHORIZATION, certificate.getAuthToken(), "/", null, "Authorization header", (int) TimeUnit.DAYS.toSeconds(1), secureCookie); - return Response.ok().entity(loginResult)// + return Response.ok().entity(loginResult.toString())// .header(HttpHeaders.AUTHORIZATION, certificate.getAuthToken()).cookie(cookie).build(); } catch (InvalidCredentialsException e) { logger.error(e.getMessage(), e); - loginResult.setMsg("Could not log in as the given credentials are invalid"); //$NON-NLS-1$ + loginResult.addProperty("msg", "Could not log in as the given credentials are invalid"); //$NON-NLS-1$ return Response.status(Status.UNAUTHORIZED).entity(loginResult).build(); } catch (AccessDeniedException e) { logger.error(e.getMessage(), e); - loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$ + loginResult.addProperty("msg", MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$ return Response.status(Status.UNAUTHORIZED).entity(loginResult).build(); } catch (StrolchException | PrivilegeException e) { logger.error(e.getMessage(), e); - loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$ + loginResult.addProperty("msg", MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$ return Response.status(Status.FORBIDDEN).entity(loginResult).build(); } catch (Exception e) { logger.error(e.getMessage(), e); String msg = e.getMessage(); - loginResult.setMsg(MessageFormat.format("{0}: {1}", e.getClass().getName(), msg)); //$NON-NLS-1$ + loginResult.addProperty("msg", MessageFormat.format("{0}: {1}", e.getClass().getName(), msg)); //$NON-NLS-1$ return Response.serverError().entity(loginResult).build(); } } 
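Review bot: The four error branches in this hunk hand the Gson `JsonObject` itself to `.entity(loginResult)`, while the success path two lines above serialises it with `loginResult.toString()`. Unless a `MessageBodyWriter` for `JsonObject` is registered elsewhere (not visible in this patch), the container either fails to write the entity or lets a generic JSON provider serialise it as a bean, so a failed login may surface as a 500 rather than the intended 401/403 with `msg`. The same applies to the `BAD_REQUEST` return in the preceding hunk, to the catch branches of `invalidateSession`, and to `Response.ok(toJson(svcResult.getUser()), …)` in `PrivilegeUsersService.handleServiceResult`; each should become `.entity(loginResult.toString())` or the equivalent. Since these lines are being touched anyway, the catch-all could return a fixed message instead of `e.getClass().getName()` and `e.getMessage()`, keeping the detail in the log only, because callers of this endpoint are not yet authenticated. The method starts outside this hunk.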
@@ -157,7 +193,7 @@ public class AuthenticationService { @Path("{authToken}") public Response invalidateSession(@PathParam("authToken") String authToken) { - LogoutResult logoutResult = new LogoutResult(); + JsonObject logoutResult = new JsonObject(); try { @@ -165,19 +201,20 @@ public class AuthenticationService { Certificate certificate = sessionHandler.validate(authToken); sessionHandler.invalidate(certificate); - logoutResult.setUsername(certificate.getUsername()); - logoutResult.setAuthToken(authToken); - logoutResult.setMsg(MessageFormat.format("{0} has been logged out.", certificate.getUsername())); //$NON-NLS-1$ - return Response.ok().entity(logoutResult).build(); + logoutResult.addProperty("username", certificate.getUsername()); + logoutResult.addProperty("authToken", authToken); + logoutResult.addProperty("msg", //$NON-NLS-1$ + MessageFormat.format("{0} has been logged out.", certificate.getUsername())); + return Response.ok().entity(logoutResult.toString()).build(); } catch (StrolchException | PrivilegeException e) { logger.error(e.getMessage(), e); - logoutResult.setMsg(MessageFormat.format("Could not logout due to: {0}", e.getMessage())); //$NON-NLS-1$ + logoutResult.addProperty("msg", MessageFormat.format("Could not logout due to: {0}", e.getMessage())); //$NON-NLS-1$ return Response.status(Status.UNAUTHORIZED).entity(logoutResult).build(); } catch (Exception e) { logger.error(e.getMessage(), e); String msg = e.getMessage(); - logoutResult.setMsg(MessageFormat.format("{0}: {1}", e.getClass().getName(), msg)); //$NON-NLS-1$ + logoutResult.addProperty("msg", MessageFormat.format("{0}: {1}", e.getClass().getName(), msg)); //$NON-NLS-1$ return Response.serverError().entity(logoutResult).build(); } } diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java index 2beed95a0..4350a515c 100644 
--- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java @@ -16,8 +16,13 @@ package li.strolch.rest.endpoint; import java.text.MessageFormat; +import java.util.Base64; +import java.util.HashMap; +import java.util.HashSet; import java.util.List; import java.util.Locale; +import java.util.Map; +import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.Consumes; @@ -29,11 +34,16 @@ import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.core.Context; -import javax.ws.rs.core.GenericEntity; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import com.google.gson.JsonPrimitive; + import li.strolch.agent.api.ComponentContainer; import li.strolch.privilege.base.AccessDeniedException; import li.strolch.privilege.base.PrivilegeException; @@ -44,7 +54,6 @@ import li.strolch.privilege.model.UserState; import li.strolch.rest.RestfulStrolchComponent; import li.strolch.rest.StrolchRestfulConstants; import li.strolch.rest.StrolchSessionHandler; -import li.strolch.rest.model.PasswordField; import li.strolch.rest.model.Result; import li.strolch.service.api.ServiceHandler; import li.strolch.service.api.ServiceResult; 
@@ -75,6 +84,83 @@ public class PrivilegeUsersService { return container.getPrivilegeHandler().getPrivilegeHandler(); } + private JsonArray toJson(List users) { + JsonArray usersArr = new JsonArray(); + for (UserRep userRep : users) { + usersArr.add(toJson(userRep)); + } + return usersArr; + } + + private JsonObject toJson(UserRep userRep) { + JsonObject jsonObject = new JsonObject(); + + jsonObject.addProperty("userId", userRep.getUserId()); + jsonObject.addProperty("username", userRep.getUsername()); + jsonObject.addProperty("firstname", userRep.getFirstname()); + jsonObject.addProperty("lastname", userRep.getLastname()); + jsonObject.addProperty("userState", userRep.getUserState().name()); + jsonObject.addProperty("locale", userRep.getLocale().toString()); + + JsonArray rolesArr = new JsonArray(); + jsonObject.add("roles", rolesArr); + for (String role : userRep.getRoles()) { + rolesArr.add(new JsonPrimitive(role)); + } + + JsonArray propsArr = new JsonArray(); + jsonObject.add("properties", propsArr); + for (String propKey : userRep.getPropertyKeySet()) { + JsonObject propObj = new JsonObject(); + propObj.addProperty("key", propKey); + propObj.addProperty("value", userRep.getProperty(propKey)); + rolesArr.add(propObj); + } + + return jsonObject; + } + + private UserRep fromJson(JsonObject jsonObject) { + + JsonElement userIdE = jsonObject.get("userId"); + JsonElement usernameE = jsonObject.get("username"); + JsonElement firstnameE = jsonObject.get("firstname"); + JsonElement lastnameE = jsonObject.get("lastname"); + JsonElement userStateE = jsonObject.get("userState"); + JsonElement localeE = jsonObject.get("locale"); + JsonElement rolesE = jsonObject.get("roles"); + JsonElement propertiesE = jsonObject.get("properties"); + + String userId = userIdE == null ? null : userIdE.getAsString(); + String username = usernameE == null ? null : usernameE.getAsString(); + String firstname = firstnameE == null ? 
null : firstnameE.getAsString(); + String lastname = lastnameE == null ? null : lastnameE.getAsString(); + UserState userState = userStateE == null ? null : UserState.valueOf(userStateE.getAsString()); + Locale locale = localeE == null ? null : new Locale(localeE.getAsString()); + + Set roles = null; + if (rolesE != null) { + roles = new HashSet<>(); + JsonArray rolesArr = rolesE.getAsJsonArray(); + for (JsonElement role : rolesArr) { + roles.add(role.getAsString()); + } + } + + Map properties = null; + if (propertiesE != null) { + properties = new HashMap<>(); + JsonArray propertiesArr = propertiesE.getAsJsonArray(); + for (JsonElement propertyE : propertiesArr) { + JsonObject property = propertyE.getAsJsonObject(); + properties.put(property.get("key").getAsString(), property.get("value").getAsString()); + } + } + + UserRep userRep = new UserRep(userId, username, firstname, lastname, userState, roles, locale, properties); + return userRep; + } + @GET @Produces(MediaType.APPLICATION_JSON) public Response getUsers(@Context HttpServletRequest request) { @@ -82,9 +168,8 @@ public class PrivilegeUsersService { PrivilegeHandler privilegeHandler = getPrivilegeHandler(); List users = privilegeHandler.getUsers(cert); - GenericEntity> entity = new GenericEntity>(users) { - }; - return Response.ok(entity, MediaType.APPLICATION_JSON).build(); + JsonArray usersArr = toJson(users); + return Response.ok(usersArr.toString(), MediaType.APPLICATION_JSON).build(); } @GET 
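Review bot: In `toJson(UserRep)` the property loop appends to the wrong array: `rolesArr.add(propObj);` should be `propsArr.add(propObj);`. As written, `properties` is always an empty array and every key/value object ends up inside `roles`, so a client that reads `roles` to decide what to show or allow gets mixed content, and feeding that JSON back through `fromJson` would throw at `role.getAsString()`. Separately, `toJson` writes `getLocale().toString()` but `fromJson` reads it with `new Locale(localeE.getAsString())`, which treats the whole string as the language code; `toLanguageTag()` on output paired with `Locale.forLanguageTag(...)` on input would round-trip. `getUserState()` and `getLocale()` are also dereferenced without a null check, which may matter if `UserRep` allows them to be unset.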
@@ -95,33 +180,33 @@ public class PrivilegeUsersService { PrivilegeHandler privilegeHandler = getPrivilegeHandler(); UserRep user = privilegeHandler.getUser(cert, username); - return Response.ok(user, MediaType.APPLICATION_JSON).build(); + return Response.ok(toJson(user).toString(), MediaType.APPLICATION_JSON).build(); } @POST @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("query") - public Response queryUsers(UserRep query, @Context HttpServletRequest request) { + public Response queryUsers(String query, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); PrivilegeHandler privilegeHandler = getPrivilegeHandler(); - List users = privilegeHandler.queryUsers(cert, query); - GenericEntity> entity = new GenericEntity>(users) { - }; - return Response.ok(entity, MediaType.APPLICATION_JSON).build(); + UserRep queryRep = fromJson(new JsonParser().parse(query).getAsJsonObject()); + List users = privilegeHandler.queryUsers(cert, queryRep); + JsonArray usersArr = toJson(users); + return Response.ok(usersArr.toString(), MediaType.APPLICATION_JSON).build(); } @POST @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public Response addUser(UserRep newUser, @Context HttpServletRequest request) { + public Response addUser(String newUser, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); PrivilegeAddUserService svc = new PrivilegeAddUserService(); PrivilegeUserArgument arg = new PrivilegeUserArgument(); - arg.user = newUser; + arg.user = fromJson(new JsonParser().parse(newUser).getAsJsonObject()); PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); return handleServiceResult(svcResult); 
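Review bot: `queryUsers` and `addUser` now parse the raw body themselves, but nothing in the methods as shown catches what `new JsonParser().parse(...).getAsJsonObject()` and `fromJson` can throw: a Gson parse exception, `IllegalStateException` for a body that is not an object, `IllegalArgumentException` from `UserState.valueOf`, or a `NullPointerException` for a property entry without `key` or `value`. With JAXB gone these endpoints own input validation, and a malformed body should be a 400 rather than an unhandled exception. The same holds for `updateUser` and for `setUserPassword`, where a missing `password` member or invalid Base64 also throws. A shared helper next to `fromJson`, as below, would cover the three `UserRep` call sites (it needs `javax.ws.rs.WebApplicationException` imported).

```java
	private UserRep parseUserRep(String data) {
		try {
			return fromJson(new JsonParser().parse(data).getAsJsonObject());
		} catch (RuntimeException e) {
			// malformed JSON, wrong member type or unknown userState: client error, not a server fault
			throw new WebApplicationException(e, Status.BAD_REQUEST);
		}
	}

	// in queryUsers:
	UserRep queryRep = parseUserRep(query);

	// in addUser:
	arg.user = parseUserRep(newUser);
```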
@@ -147,14 +232,14 @@ public class PrivilegeUsersService { @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("{username}") - public Response updateUser(@PathParam("username") String username, UserRep updatedFields, + public Response updateUser(@PathParam("username") String username, String updatedFields, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); PrivilegeUpdateUserService svc = new PrivilegeUpdateUserService(); PrivilegeUserArgument arg = new PrivilegeUserArgument(); - arg.user = updatedFields; + arg.user = fromJson(new JsonParser().parse(updatedFields).getAsJsonObject()); PrivilegeUserResult svcResult = svcHandler.doService(cert, svc, arg); return handleServiceResult(svcResult); @@ -223,7 +308,7 @@ public class PrivilegeUsersService { private Response handleServiceResult(PrivilegeUserResult svcResult) { if (svcResult.isOk()) { - return Response.ok(svcResult.getUser(), MediaType.APPLICATION_JSON).build(); + return Response.ok(toJson(svcResult.getUser()), MediaType.APPLICATION_JSON).build(); } else if (svcResult.getThrowable() != null) { Throwable t = svcResult.getThrowable(); if (t instanceof AccessDeniedException) { 
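Review bot: The `{username}` path parameter of `updateUser` is never read in the body shown here; `arg.user` is built entirely from the request body, so the user that gets updated is whichever `username` the JSON names, regardless of the URL. That makes URL-based access rules and audit logs unreliable for this endpoint, and it predates this commit, but the rewrite is a good moment to close it. After building `arg.user`, a check such as `if (!username.equals(arg.user.getUsername())) return Response.status(Status.BAD_REQUEST).build();` would tie the two together, unless `PrivilegeUpdateUserService` is meant to key on the body alone, which is not visible here.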
@@ -265,15 +350,17 @@ public class PrivilegeUsersService { @PUT @Produces(MediaType.APPLICATION_JSON) @Path("{username}/password") - public Response setUserPassword(@PathParam("username") String username, PasswordField passwordField, + public Response setUserPassword(@PathParam("username") String username, String data, @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); + String password = new JsonParser().parse(data).getAsJsonObject().get("password").getAsString(); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService(); PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument(); arg.username = username; - arg.password = passwordField.getPassword(); + arg.password = Base64.getDecoder().decode(password); ServiceResult svcResult = svcHandler.doService(cert, svc, arg); if (svcResult.isOk()) { diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/model/Login.java b/li.strolch.rest/src/main/java/li/strolch/rest/model/Login.java deleted file mode 100644 index 83d3c9a93..000000000 --- a/li.strolch.rest/src/main/java/li/strolch/rest/model/Login.java +++ /dev/null 
@@ -1,68 +0,0 @@
-/*
- * Copyright 2013 Robert von Burg
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package li.strolch.rest.model;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlRootElement;
-
-/**
- * @author Robert von Burg
- */
-@XmlAccessorType(XmlAccessType.NONE)
-@XmlRootElement(name = "Login")
-public class Login {
-
- @XmlAttribute
- private String username;
- @XmlAttribute
- private byte[] password;
-
- public Login() {
- // no-arg constructor for JAXB
- }
-
- /**
- * @return the username
- */
- public String getUsername() {
- return this.username;
- }
-
- /**
- * @param username
- * the username to set
- */
- public void setUsername(String username) {
- this.username = username;
- }
-
- /**
- * @return the password
- */
- public byte[] getPassword() {
- return this.password;
- }
-
- /**
- * @param password
- * the password to set
- */
- public void setPassword(byte[] password) {
- this.password = password;
- }
-}
diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/model/LoginResult.java b/li.strolch.rest/src/main/java/li/strolch/rest/model/LoginResult.java
deleted file mode 100644
index a299d072a..000000000
--- a/li.strolch.rest/src/main/java/li/strolch/rest/model/LoginResult.java
+++ /dev/null
@@ -1,287 +0,0 @@
-/*
- * Copyright 2013 Robert von Burg
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package li.strolch.rest.model;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
-
-import li.strolch.utils.xml.XmlKeyValue;
-
-/**
- * @author Robert von Burg
- */
-@XmlAccessorType(XmlAccessType.NONE)
-@XmlRootElement(name = "LoginResult")
-public class LoginResult {
-
- @XmlAttribute(name = "username")
- private String username;
-
- @XmlAttribute(name = "firstname")
- private String firstname;
-
- @XmlAttribute(name = "lastname")
- private String lastname;
-
- @XmlAttribute(name = "authToken")
- private String authToken;
-
- @XmlAttribute(name = "sessionId")
- private String sessionId;
-
- @XmlAttribute(name = "locale")
- private String locale;
-
- @XmlAttribute(name = "msg")
- private String msg;
-
- @XmlElement(name = "roles")
- private List roles;
-
- @XmlElement(name = "privileges")
- private List privileges;
-
- private Map parameters;
-
- public LoginResult() {
- // no-arg constructor for JAXB
- }
-
- /**
- * @return the username
- */
- public String getUsername() {
- return this.username;
- }
-
- /**
- * @param username
- * the username to set
- */
- public void setUsername(String username) {
- this.username = username;
- }
-
- /**
- * @return the firstname
- */
- public String getFirstname() {
- return this.firstname;
- }
-
- /**
- * @param firstname
- * the firstname to set
- */
- public void setFirstname(String firstname) {
- this.firstname = firstname;
- }
-
- /**
- * @return the lastname
- */
- public String getLastname() {
- return this.lastname;
- }
-
- /**
- * @param lastname
- * the lastname to set
- */
- public void setLastname(String lastname) {
- this.lastname = lastname;
- }
-
- /**
- * @return the sessionId
- */
- public String getAuthToken() {
- return this.authToken;
- }
-
- /**
- * @param authToken
- * the authToken to set
- */
- public void setAuthToken(String authToken) {
- this.authToken = authToken;
- }
-
- /**
- * @return the sessionId
- */
- public String getSessionId() {
- return this.sessionId;
- }
-
- /**
- * @param sessionId
- * the sessionId to set
- */
- public void setSessionId(String sessionId) {
- this.sessionId = sessionId;
- }
-
- /**
- * @return the locale
- */
- public String getLocale() {
- return this.locale;
- }
-
- /**
- * @param locale
- * the locale to set
- */
- public void setLocale(String locale) {
- this.locale = locale;
- }
-
- /**
- * @param locale
- * the locale to set
- */
- public void setLocale(Locale locale) {
- this.locale = locale.toString();
- }
-
- /**
- * @return the parameters
- */
- public Map getParameters() {
- return this.parameters;
- }
-
- /**
- * @param parameters
- * the parameters to set
- */
- public void setParameters(Map parameters) {
- this.parameters = parameters;
- }
-
- /**
- * Returns the string map properties of this user as a list of {@link XmlKeyValue} elements
- *
- * @return the string map properties of this user as a list of {@link XmlKeyValue} elements
- */
- @XmlElement(name = "properties")
- public List getPropertiesAsKeyValue() {
- if (this.parameters == null)
- return new ArrayList<>(0);
- return XmlKeyValue.valueOf(this.parameters);
- }
-
- /**
- * @return the msg
- */
- public String getMsg() {
- return this.msg;
- }
-
- /**
- * @param msg
- * the msg to set
- */
- public void setMsg(String msg) {
- this.msg = msg;
- }
-
- /**
- * @return the roles
- */
- public List getRoles() {
- return roles;
- }
-
- /**
- * @param roles
- * the roles to set
- */
- public void setRoles(List roles) {
- this.roles = roles;
- }
-
- /**
- * @return the privileges
- */
- public List getPrivileges() {
- return this.privileges;
- }
-
- /**
- * @param privileges
- * the privileges to set
- */
- public void setPrivileges(List privileges) {
- this.privileges = privileges;
- }
-
- @XmlRootElement(name = "Privilege")
- @XmlAccessorType(XmlAccessType.NONE)
- public static class Privilege {
-
- @XmlAttribute(name = "name")
- private String name;
- @XmlAttribute(name = "allAllowed")
- private boolean allAllowed;
- @XmlElement(name = "allowList")
- private List allowList;
-
- public Privilege() {
- // no-arg constructor for JAXB
- }
-
- public Privilege(String name, boolean allAllowed, List allowList) {
- this.name = name;
- this.allAllowed = allAllowed;
- this.allowList = allowList;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-
- public String getName() {
- return this.name;
- }
-
- public List getAllowList() {
- return this.allowList;
- }
-
- public void setAllowList(List allowList) {
- this.allowList = allowList;
- }
-
- public boolean isAllAllowed() {
- return this.allAllowed;
- }
-
- public void setAllAllowed(boolean allAllowed) {
- this.allAllowed = allAllowed;
- }
-
- }
-}
diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/model/Logout.java b/li.strolch.rest/src/main/java/li/strolch/rest/model/Logout.java
deleted file mode 100644
index 7e255f339..000000000
--- a/li.strolch.rest/src/main/java/li/strolch/rest/model/Logout.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright 2015 Robert von Burg
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package li.strolch.rest.model;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlRootElement;
-
-/**
- * @author Robert von Burg
- */
-@XmlRootElement(name = "Logout")
-@XmlAccessorType(XmlAccessType.NONE)
-public class Logout {
-
- @XmlAttribute(name = "username")
- private String username;
-
- @XmlAttribute(name = "sessionId")
- private String sessionId;
-
- public Logout() {
- // no-arg constructor for JAXB
- }
-
- /**
- * @return the username
- */
- public String getUsername() {
- return this.username;
- }
-
- /**
- * @param username
- * the username to set
- */
- public void setUsername(String username) {
- this.username = username;
- }
-
- /**
- * @return the sessionId
- */
- public String getSessionId() {
- return this.sessionId;
- }
-
- /**
- * @param sessionId
- * the sessionId to set
- */
- public void setSessionId(String sessionId) {
- this.sessionId = sessionId;
- }
-}
diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/model/LogoutResult.java b/li.strolch.rest/src/main/java/li/strolch/rest/model/LogoutResult.java
deleted file mode 100644
index 7cefb0f52..000000000
--- a/li.strolch.rest/src/main/java/li/strolch/rest/model/LogoutResult.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright 2013 Robert von Burg
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package li.strolch.rest.model;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlRootElement;
-
-/**
- * @author Robert von Burg
- */
-@XmlAccessorType(XmlAccessType.NONE)
-@XmlRootElement(name = "LogoutResult")
-public class LogoutResult {
-
- @XmlAttribute(name = "username")
- private String username;
-
- @XmlAttribute(name = "authToken")
- private String authToken;
-
- @XmlAttribute(name = "msg")
- private String msg;
-
- public LogoutResult() {
- // no-arg constructor for JAXB
- }
-
- /**
- * @return the msg
- */
- public String getMsg() {
- return this.msg;
- }
-
- /**
- * @param msg
- * the msg to set
- */
- public void setMsg(String msg) {
- this.msg = msg;
- }
-
- /**
- * @return the username
- */
- public String getUsername() {
- return this.username;
- }
-
- /**
- * @param username
- * the username to set
- */
- public void setUsername(String username) {
- this.username = username;
- }
-
- /**
- * @return the authToken
- */
- public String getSessionId() {
- return this.authToken;
- }
-
- /**
- * @param authToken
- * the authToken to set
- */
- public void setAuthToken(String authToken) {
- this.authToken = authToken;
- }
-}
diff --git a/li.strolch.rest/src/test/java/li/strolch/model/query/parser/QueryParserTest.java b/li.strolch.rest/src/test/java/li/strolch/model/query/parser/QueryParserTest.java
index f1f028f5b..98cb86949 100644
--- a/li.strolch.rest/src/test/java/li/strolch/model/query/parser/QueryParserTest.java
+++ b/li.strolch.rest/src/test/java/li/strolch/model/query/parser/QueryParserTest.java
@@ -4,6 +4,7 @@ import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
+import java.util.Arrays;
 import java.util.List;
 import org.junit.Test;
@@ -196,39 +197,42 @@ public class QueryParserTest {
 assertFalse(query.hasNavigation());
 OrSelection or = (OrSelection) query.getSelection();
 List selections = or.getSelections();
- assertEquals(6, selections.size());
- for (Selection selection : selections) {
- assertEquals(AnyTypeParameterSelection.class, selection.getClass());
- }
+ assertEquals(10, selections.size());
 AnyTypeParameterSelection sel;
- sel = (AnyTypeParameterSelection) selections.get(0);
- assertEquals("parameters", sel.getBagKey());
- assertEquals("date", sel.getParamKey());
- assertEquals("asd", sel.getValue());
+ IdSelection idSel = (IdSelection) selections.get(0);
+ assertEquals(Arrays.asList("asd", "bla@dsfdfg.ch", "1970-01-01T01:00:00.000+01:00"), idSel.getIds());
- sel = (AnyTypeParameterSelection) selections.get(1);
- assertEquals("parameters", sel.getBagKey());
- assertEquals("email", sel.getParamKey());
- assertEquals("asd", sel.getValue());
+ NameSelection nameSel = (NameSelection) selections.get(1);
+ assertEquals("asd", nameSel.getName());
 sel = (AnyTypeParameterSelection) selections.get(2);
 assertEquals("parameters", sel.getBagKey());
 assertEquals("date", sel.getParamKey());
- assertEquals("bla@dsfdfg.ch", sel.getValue());
+ assertEquals("asd", sel.getValue());
 sel = (AnyTypeParameterSelection) selections.get(3);
 assertEquals("parameters", sel.getBagKey());
 assertEquals("email", sel.getParamKey());
+ assertEquals("asd", sel.getValue());
+
+ sel = (AnyTypeParameterSelection) selections.get(5);
+ assertEquals("parameters", sel.getBagKey());
+ assertEquals("date", sel.getParamKey());
 assertEquals("bla@dsfdfg.ch", sel.getValue());
- sel = (AnyTypeParameterSelection) selections.get(4);
+ sel = (AnyTypeParameterSelection) selections.get(6);
+ assertEquals("parameters", sel.getBagKey());
+ assertEquals("email", sel.getParamKey());
+ assertEquals("bla@dsfdfg.ch", sel.getValue());
+
+ sel = (AnyTypeParameterSelection) selections.get(8);
 assertEquals("parameters", sel.getBagKey());
assertEquals("date", sel.getParamKey());
 assertEquals("1970-01-01T01:00:00.000+01:00", sel.getValue());
- sel = (AnyTypeParameterSelection) selections.get(5);
+ sel = (AnyTypeParameterSelection) selections.get(9);
 assertEquals("parameters", sel.getBagKey());
 assertEquals("email", sel.getParamKey());
 assertEquals("1970-01-01T01:00:00.000+01:00", sel.getValue());
diff --git a/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AbstractRestfulTest.java b/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AbstractRestfulTest.java
index 59fa5dd23..e2a33861f 100644
--- a/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AbstractRestfulTest.java
+++ b/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AbstractRestfulTest.java
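Review bot: In the QueryParserTest hunk, indices 4 and 7 of the ten expected selections are never inspected, and the removed loop that checked every element's class has no replacement, so a wrong selection type at those positions would pass unnoticed. By analogy with index 1 they are presumably the `NameSelection` entries for the second and third search terms; if that holds, add `assertEquals("bla@dsfdfg.ch", ((NameSelection) selections.get(4)).getName());` and the matching line for index 7 with the date string. The test method starts above this hunk, so the query being parsed is not visible here.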
@@ -18,22 +18,23 @@ package li.strolch.rest.inspector.test;
 import java.io.File;
 import java.io.IOException;
 import java.net.URI;
+import java.util.Collections;
+import javax.ws.rs.ProcessingException;
 import javax.ws.rs.core.Application;
-import li.strolch.rest.StrolchRestfulClasses;
-import li.strolch.testbase.runtime.RuntimeMock;
-
+import org.glassfish.grizzly.http.server.HttpServer;
+import org.glassfish.jersey.client.ClientConfig;
 import org.glassfish.jersey.filter.LoggingFilter;
+import org.glassfish.jersey.grizzly2.servlet.GrizzlyWebContainerFactory;
 import org.glassfish.jersey.server.ResourceConfig;
 import org.glassfish.jersey.server.ServerProperties;
 import org.glassfish.jersey.server.TracingConfig;
 import org.glassfish.jersey.servlet.ServletProperties;
 import org.glassfish.jersey.test.DeploymentContext;
 import org.glassfish.jersey.test.JerseyTest;
-import org.glassfish.jersey.test.ServletDeploymentContext;
 import org.glassfish.jersey.test.TestProperties;
-import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory;
+import org.glassfish.jersey.test.spi.TestContainer;
 import org.glassfish.jersey.test.spi.TestContainerException;
 import org.glassfish.jersey.test.spi.TestContainerFactory;
 import org.junit.AfterClass;
@@ -41,13 +42,16 @@ import org.junit.BeforeClass;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import li.strolch.rest.StrolchRestfulClasses;
+import li.strolch.rest.endpoint.Inspector;
+import li.strolch.testbase.runtime.RuntimeMock;
+
 /**
 * @author Robert von Burg
 */
 @SuppressWarnings("nls")
 public abstract class AbstractRestfulTest extends JerseyTest {
- private static final URI BASE_URI = URI.create("http://localhost:8888/base");
 protected static final Logger logger = LoggerFactory.getLogger(AbstractRestfulTest.class);
 private static final String RUNTIME_PATH = "target/withPrivilegeRuntime/"; //$NON-NLS-1$
 private static final String CONFIG_SRC = "src/test/resources/withPrivilegeRuntime"; //$NON-NLS-1$
@@ -63,26 +67,11 @@ public abstract class AbstractRestfulTest extends JerseyTest {
 runtimeMock.startContainer();
 }
- @Override
- protected URI getBaseUri() {
- return BASE_URI;
- }
-
 @AfterClass
 public static void afterClass() {
 runtimeMock.destroyRuntime();
 }
- @Override
- protected TestContainerFactory getTestContainerFactory() throws TestContainerException {
- return new GrizzlyWebTestContainerFactory();
- }
-
- @Override
- protected DeploymentContext configureDeployment() {
- return ServletDeploymentContext.builder(configure()).contextPath("rest").build();
- }
-
 @Override
 protected Application configure() {
 forceEnable(TestProperties.LOG_TRAFFIC);
@@ -109,4 +98,45 @@ public abstract class AbstractRestfulTest extends JerseyTest {
 resourceConfig.property(ServletProperties.FILTER_FORWARD_ON_404, true);
 return resourceConfig;
 }
+
+ @Override
+ protected TestContainerFactory getTestContainerFactory() throws TestContainerException {
+
+ return new TestContainerFactory() {
+ @Override
+ public TestContainer create(URI baseUri, DeploymentContext deploymentContext) {
+ return new TestContainer() {
+ private HttpServer server;
+
+ @Override
+ public ClientConfig getClientConfig() {
+ return null;
+ }
+
+ @Override
+ public URI getBaseUri() {
+ return baseUri;
+ }
+
+ @Override
+ public void start() {
+ try {
+ this.server = GrizzlyWebContainerFactory.create(baseUri, Collections.singletonMap(
+ "jersey.config.server.provider.packages", Inspector.class.getPackage().getName()));
+ } catch (ProcessingException e) {
+ throw new TestContainerException(e);
+ } catch (IOException e) {
+ throw new TestContainerException(e);
+ }
+ }
+
+ @Override
+ public void stop() {
+ this.server.shutdownNow();
+ }
+ };
+
+ }
+ };
+ }
 }
diff --git a/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java b/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java
index 7a64bd1d3..0bfb3558b 100644
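Review bot: The `TestContainer` returned from `create(...)` in AbstractRestfulTest never reads `deploymentContext`, so the `ResourceConfig` assembled in `configure()` does not appear to be what Grizzly serves; the server is built only from the `jersey.config.server.provider.packages` init parameter. If `configure()` registers filters or properties the endpoints depend on (most of its body lies outside this hunk), the authentication tests now exercise a differently configured application, so a comment on `start()` such as `// deploymentContext is intentionally unused: resources are discovered by package scan` should state that this is deliberate. Separately, `stop()` dereferences `this.server` unconditionally and would throw a NullPointerException after a failed `start()`, hiding the original error; `if (this.server != null) this.server.shutdownNow();` avoids that, and the two identical catch blocks can be merged into `catch (ProcessingException | IOException e)`.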
--- a/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java
+++ b/li.strolch.rest/src/test/java/li/strolch/rest/inspector/test/AuthenticationTest.java
@@ -15,31 +15,25 @@
 */
 package li.strolch.rest.inspector.test;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.containsString;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
-import java.util.Locale;
+import java.util.Base64;
 import javax.ws.rs.client.Entity;
-import javax.ws.rs.client.Invocation.Builder;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
-import org.junit.Ignore;
 import org.junit.Test;
-import li.strolch.rest.model.Login;
-import li.strolch.rest.model.LoginResult;
-import li.strolch.rest.model.LogoutResult;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 /**
 * @author Robert von Burg
 */
-@Ignore
 @SuppressWarnings("nls")
 public class AuthenticationTest extends AbstractRestfulTest {
@@ -49,93 +43,61 @@ public class AuthenticationTest extends AbstractRestfulTest {
 public void shouldAuthenticate() {
 // login
- Login login = new Login();
- login.setUsername("jill");
- login.setPassword("jill".getBytes());
- Entity loginEntity = Entity.entity(login, MediaType.APPLICATION_JSON);
- Response result = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON).post(loginEntity);
+ JsonObject login = new JsonObject();
+ login.addProperty("username", "jill");
+ login.addProperty("password", Base64.getEncoder().encodeToString("jill".getBytes()));
+ Entity entity = Entity.entity(login.toString(), MediaType.APPLICATION_JSON);
+
+ Response result = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON).post(entity);
 assertEquals(Status.OK.getStatusCode(), result.getStatus());
- LoginResult loginResult = result.readEntity(LoginResult.class);
+ JsonObject loginResult = new JsonParser().parse(result.readEntity(String.class)).getAsJsonObject();
 assertNotNull(loginResult);
- assertEquals("jill", loginResult.getUsername());
- assertEquals(64, loginResult.getAuthToken().length());
- assertNull(loginResult.getMsg());
+ assertEquals("jill", loginResult.get("username").getAsString());
+ assertEquals(64, loginResult.get("authToken").getAsString().length());
+ assertNull(loginResult.get("msg"));
 // logout
- result = target().path(ROOT_PATH + "/" + loginResult.getAuthToken()).request(MediaType.APPLICATION_JSON)
- .delete();
+ result = target().path(ROOT_PATH + "/" + loginResult.get("authToken").getAsString())
+ .request(MediaType.APPLICATION_JSON).delete();
 assertEquals(Status.OK.getStatusCode(), result.getStatus());
 assertNotNull(loginResult);
- LogoutResult logoutResult = result.readEntity(LogoutResult.class);
+ JsonObject logoutResult = new JsonParser().parse(result.readEntity(String.class)).getAsJsonObject();
 assertNotNull(logoutResult);
- assertNull(logoutResult.getMsg());
- }
-
- @Test
- public void shouldUseRequestedLanguage() {
-
- // login
- Login login
= new Login();
- login.setUsername("jill");
- login.setPassword("jill".getBytes());
- Entity loginEntity = Entity.entity(login, MediaType.APPLICATION_JSON);
- Builder builder = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON);
- builder = builder.acceptLanguage(Locale.ITALY);
- Response result = builder.post(loginEntity);
- assertEquals(Status.OK.getStatusCode(), result.getStatus());
- LoginResult loginResult = result.readEntity(LoginResult.class);
- assertNotNull(loginResult);
- assertEquals("jill", loginResult.getUsername());
- assertEquals(64, loginResult.getAuthToken().length());
- assertEquals(Locale.ITALY.toString(), loginResult.getLocale());
- assertNull(loginResult.getMsg());
-
- // logout
- result = target().path(ROOT_PATH + "/" + loginResult.getAuthToken()).request(MediaType.APPLICATION_JSON)
- .delete();
- assertEquals(Status.OK.getStatusCode(), result.getStatus());
- assertNotNull(loginResult);
- LogoutResult logoutResult = result.readEntity(LogoutResult.class);
- assertNotNull(logoutResult);
- assertNull(logoutResult.getMsg());
+ assertEquals("jill has been logged out.", logoutResult.get("msg").getAsString());
 }
 @Test
 public void shouldNotAuthenticate() {
 // login
- Login login = new Login();
- login.setUsername("admin");
- login.setPassword("blalba".getBytes());
- Entity loginEntity = Entity.entity(login, MediaType.APPLICATION_JSON);
- Response result = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON).post(loginEntity);
- assertEquals(Status.FORBIDDEN.getStatusCode(), result.getStatus());
- LogoutResult logoutResult = result.readEntity(LogoutResult.class);
- assertNotNull(logoutResult);
- assertEquals("Could not log in due to: Authentication credentials are invalid", logoutResult.getMsg());
+ JsonObject login = new JsonObject();
+ login.addProperty("username", "jill");
+ login.addProperty("password", Base64.getEncoder().encodeToString("blabla".getBytes()));
+ Entity entity = Entity.entity(login.toString(),
MediaType.APPLICATION_JSON);
+
+ Response result = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON).post(entity);
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), result.getStatus());
 }
 @Test
 public void shouldFailLogoutIllegalSession() {
 // login
- Login login = new Login();
- login.setUsername("jill");
- login.setPassword("jill".getBytes());
- Entity loginEntity = Entity.entity(login, MediaType.APPLICATION_JSON);
- Response result = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON).post(loginEntity);
+ JsonObject login = new JsonObject();
+ login.addProperty("username", "jill");
+ login.addProperty("password", Base64.getEncoder().encodeToString("jill".getBytes()));
+ Entity entity = Entity.entity(login.toString(), MediaType.APPLICATION_JSON);
+
+ Response result = target().path(ROOT_PATH).request(MediaType.APPLICATION_JSON).post(entity);
 assertEquals(Status.OK.getStatusCode(), result.getStatus());
- LoginResult loginResult = result.readEntity(LoginResult.class);
+ JsonObject loginResult = new JsonParser().parse(result.readEntity(String.class)).getAsJsonObject();
 assertNotNull(loginResult);
- assertEquals("jill", loginResult.getUsername());
- assertEquals(64, loginResult.getAuthToken().length());
- assertNull(loginResult.getMsg());
+ assertEquals("jill", loginResult.get("username").getAsString());
+ assertEquals(64, loginResult.get("authToken").getAsString().length());
+ assertNull(loginResult.get("msg"));
 // logout
 result = target().path(ROOT_PATH + "/blabla").request(MediaType.APPLICATION_JSON).delete();
- assertEquals(Status.FORBIDDEN.getStatusCode(), result.getStatus());
- LogoutResult logoutResult = result.readEntity(LogoutResult.class);
- assertNotNull(logoutResult);
- assertThat(logoutResult.getMsg(), containsString("No certificate exists for sessionId blabla"));
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), result.getStatus());
 }
 }
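Review bot: `shouldAuthenticate` checks that the logout DELETE returns 200 but never checks that the token stops working afterwards, which is the property a logout test should pin. `shouldFailLogoutIllegalSession` shows that an unknown token yields 401 on DELETE, so presumably repeating the call with the just-revoked token should as well: `result = target().path(ROOT_PATH + "/" + loginResult.get("authToken").getAsString()).request(MediaType.APPLICATION_JSON).delete();` followed by `assertEquals(Status.UNAUTHORIZED.getStatusCode(), result.getStatus());`. The password is encoded with `"jill".getBytes()` in all three tests, which uses the platform charset; `getBytes(StandardCharsets.UTF_8)` keeps the Base64 value identical across build machines.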